Wow. I just got nailed. A trusted friend sent me a standard "check this out" instant message on MSN saying I should take a look at a site called http://www.newmsnlive.info also known as http://www.msnforyou.info and http://www.get-messenger.com.

Do NOT visit these links.

I didn't read the FAQ, but there's these gems:

"By using the Online Delete Checker you authorize Get-Messenger to temporarily change your nick to "http://www.get-messenger.com: Find out who removed you from his/her contact list" only for advertising purposes. You can change the nick again the next time you log into your regular MSN Messenger® client."

By using the Online Delete Checker you authorize Get-Messenger to send Instant Messages on your behalf to your online contacts advertising the site.

It is quite simple. We just try to get visits in order to make money publishing ads. There are no dark or mischievous intentions behind."

I don't know what I was thinking, but I figured I could just change my password afterwards. What I didn't expect, though, was that the website would send out Instant Messages to 300 of my closest friends, some of the messages in Spanish, asking THEM to visit the site.

Of course, these terms of service are buried at the bottom of a long FAQ I didn't read. I appreciate that they are 'honest' but I really find this way of viral advertising to be disingenuous. Fortunately, I'm not the only one who is finding this to be very uncool, and the site(s) are starting to show up in Anti-Phishing Databases.

The issue is also being escalated with Windows Live Messenger Operations with the intent to get the URL blocked. And I've changed my Live Password.

I'm so embarrassed. This is the first time I've ever been "successfully" phished. And hopefully the last.

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

Well at least it was from a friend, that's a bit of an excuse. A while back I blogged about MS starting a swear filter on their email, and that post has become a magnet for the gullible. The comments are sad/funny depending on your view. I keep saying it's a scam, but more and more people are posting their MS Lottery spams there and asking if it's real.

@BarryD - WTF? How did that first guy decide that you were some kind of expert on the "Microsoft Lottery" or whatever that was? (I get how the subsequent posts happened; looking at your search engine referrals probably explains it well enough).

@Scott - You can't technically call this phishing, can you? I would think that the defining characteristic of phishing is a site purporting they're someone they're not. In this case, the site was honest, they just weren't entirely up front with their intentions to abuse your Messenger account. More of a con than phish, I think.

Wow! Well, I guess if you can get caught out, then anybody can get caught out.

I had a similar experience two years ago. I cannot remember what site it was or why I did it, but I gave my Messenger user name and password to a website. Before I knew it, all my Hotmail contacts received an email similar to the one that trapped me. I vowed never to supply my credentials to a site that I do not trust.

"Wow. I just got nailed. A trusted friend sent me a standard "check this out" instant message on MSN saying I should take a look at a site called http://www.newmsnlive.info also known as http://www.msnforyou.info and http://www.get-messenger.com."

It didn't show the message to my MSN chat buddy. I think MSN must be filtering them by some blacklist, recognizing those URLs as bad ones.

The more interesting thing is how some unscrupulous web site got you to cough up your personal information in the form of your contacts list. They even got you to authorize a mass message sent to everyone on your list pimping their bile while looking like it came from you. (A trick that worked so well that when you got one you didn't hesitate to click it because it came from, as you said, a trusted friend.)

It wasn't a clever piece of code that hacked your account. Instead, it was some brilliant social engineering. Playing on your, and everyone else's that they duped, ego. "Of course I want to know who has blocked me from their life! I will willingly release control of my account, just give me the goods."

This reminds me of something similar a few years back. There was an e-mail going around that had words to the effect that "somebody you know has a secret crush on you; enter the e-mail address of who you think it might be to see if you are right." Of course, the same message got sent to *those* people, and so on.

It sounds like you don't have antiphishing built into your internet security program... Or are you using an internet security program, and which one if you don't mind my asking?

I just posted an article about internet security because Norton did not pick up MalwareAlarm on both my home computers and neither did McAfee on my work computer.

I did a controlled test with Panda's Internet Security suite (tried to install it to see which security programs would catch it), and it was the only one that truly caught it... along with an attempt from one of my neighbors to hijack my wifi network... along with a defragmentation attack that was hitting my hard drive every few minutes (and I was thinking it was time to buy a new hard drive)!!

It has antiphishing and web site content filtering built in as well - which sounds like something you might want to take a look at ;-)

A far more amateur looking site tried to do the same to me a few weeks back: www.whoadmitsyou.com

It makes me wonder if I need a separate IM account for technical people and another for 'friends & family'

Andrew W

Friday, July 06, 2007 4:27:02 AM UTC

Out of interest.. did it actually tell you who had deleted you?

Andrew W

Friday, July 06, 2007 5:43:56 AM UTC

You just have to be so careful what you install these days. And on that note, you'll probably shy away from the following suggestion - understandably so after this experience - but I know of a semi-decent alternative to the above program you stumbled upon (no, I am not in any way affiliated with said program). Perhaps try install it on some sort of test live account (it's sad, but I've resorted to that for stuff like this..) if you're skeptical.

It's called MSN Live Plus! http://www.msgpluslive.net/

Contact List Cleanup:
- If the person has removed you from their list
- Last time they were online
- Last time you spoke to them

Tabbed chat windows (because it's a nuisance having 8 windows open when chatting to friends)

Better notifications (do you really need to view notifications for EVERY contact that comes online?)

Some other stuff I don't bother using

Use it, don't use it, your choice.

Enjoy :)

Jonathan

Friday, July 06, 2007 11:40:21 AM UTC

Scott, I can't believe you also got nailed! I got nailed by this one: http://dotnet.org.za/ernst/archive/2007/06/18/live-messenger-worm.aspx